Get a Pentest and security assessment of your IT network.

Cyber Security

Detecting attackers obfuscating their IP address inside AWS

Security researchers have documented an attack technique that may allow attackers to use a legitimate Amazon VPC feature to mask their use of stolen API credentials inside AWS. The feature that allows customers to control their IP addresses also allows attackers to control the IP address written to AWS CloudTrail logs when accessing a compromised account via a newly created VPC endpoint. The researchers say the technique can be used to fool various security protections that rely on the Cloudtrail logs, such as SIEMs and cloud security tools.

Source: https://www.helpnetsecurity.com/2021/05/18/detecting-attackers-inside-aws/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation